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The Claims 

Claims 1-26 (Canceled) 

27. (Previously presented) A method for preventing hostile use of computer 
resources by an application running on a workstation, comprising: 

providing, on a workstation, a pre-set list of applications permitted to run on the 
workstation and a list of one or more computer resources on the workstation that are not 
accessible to unspecified applications; 

providing a filter on the workstation for receiving internal requests for computer 
resources resident on the workstation; 

receiving at the filter a request for access generated by an unspecified application 
downloaded to the workstation from a source external to the workstation, the request for 
access identifying a computer resource resident on the workstation to which the unspecified 
application seeks access; 

determining, by the filter on the workstation, that the unspecified application is not 
identifiable in the pre-set list of applications; 

determining, by the filter on the workstation, whether the requested computer 
resource is on the list of one or more computer resources that are not accessible to 
unspecified applications; 

allowing access to the requested computer resource if the requested computer 
resource is not on the list of one or more computer resources that are not accessible to 
unspecified applications; and 

preventing access to the requested computer resource if the requested computer 
resource is on the list of one or more computer resources that are not accessible to 
unspecified applications. 

28. (Previously Presented) The method of Claim 27, wherein the list of one or 
more computer resources that are not accessible to unspecified applications comprises a look- 
up table. 
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29. (Previously Presented) The method of Claim 27, wherein the requested 
computer resource is selected from the group consisting of a memory allocation, a file, and a 
directory. 

30. (Previously Presented) The method of Claim 27, wherein the requested 
computer resource is selected from the group consisting of a copy command, a delete 
command, and a compress command. 

31. (Previously Presented) The method of Claim 27, wherein the requested 
computer resource comprises an operation that when performed leads to a permanent change 
in the workstation. 

32. (Previously Presented) The method of Claim 27, wherein receiving the 
request comprises receiving a direct request generated by the unspecified application. 

33. (Previously Presented) The method of Claim 27, wherein receiving the 
request comprises receiving an indirect request generated by the unspecified application. 

34. (Previously Presented) The method of Claim 27, wherein the list of one or 
more computer resources that are not accessible to unspecifed applications comprises a list of 
one or more computer resources that the unspecified application may use during operations 
performed by the unspecified application. 
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35. (Withdrawn) A method for preventing hostile use of computer resources by 
an application running on a workstation, comprising: 

providing a filter on a workstation for receiving internal requests for computer 
resources resident on the workstation; 

receiving at the filter a request for access from an application resident on the 
workstation, the request for access identifying a computer resource resident on the 
workstation, 

determining if the request for access has exceeded a pre-set threshold identifying a 
limited number of processes that may be initiated by the application; 

allowing access to the requested computer resource if the request for access has not 
exceeded the pre-set threshold; and 

preventing access to the requested computer resource if the request for access has 
exceeded the pre-set threshold. 

36. (Withdrawn) The method of Claim 35, wherein the application from which 
the request for access is received comprises an unspecified application downloaded to the 
workstation from a source external to the workstation, the unspecified application not 
identifiable in a pre-set list of hostile applications. 

37. (Withdrawn) The method of Claim 35, wherein the requested computer 
resource is selected from the group consisting of a memory allocation, a file, and a directory. 

38. (Withdrawn) The method of Claim 35, wherein the requested computer 
resource is selected from the group consisting of a copy command, a delete command, and a 
compress command. 

39. (Withdrawn) The method of Claim 35, wherein the requested computer 
resource comprises an operation that when performed leads to a permanent change in the 
workstation. 



DAL01:984706 



ATTORNEY DOCKET NO. 
063170.6607 



PATENT APPLICATION 
SERIAL NO. 09/622,959 



5 

40. (Withdrawn) The method of Claim 35, wherein receiving the request 
comprises receiving a direct request generated by the unspecified application. 

41. (Withdrawn) The method of Claim 35, wherein receiving the request 
comprises receiving an indirect request generated by the unspecified application. 

42. (Previously presented) A workstation for preventing hostile use of computer 
resources by an application rurming on the workstation, comprising: 

a memory operable to store one or more applications, at least one application 
comprising an unspecified application received from the network as a downloadable 
application; and 

a processor on a workstation coupled to the memory and operable to: 

maintain a pre-set list of applications permitted to run on the workstation and a 
list of one or more computer resources on the workstation that are not accessible to any 
unspecified applications; 

in response to a request received from the unspecified application, determine 
that the unspecified application is not identifiable in the pre-set list of applications; 

determine whether a requested computer resource is on the list of one or more 
computer resources on the workstation that are not accessible to any unspecified applications; 

allow access to the requested computer resource if the requested computer 
resource is not on the list of one or more computer resources that are not accessible to any 
unspecified applications; and 

prevent access to the requested computer resource if the requested computer 
resource is on the list of one or more computer resources that are not accessible to any 
unspecifed applications. 

43. (Previously Presented) The workstation of Claim 42, wherein the list of one 
or more computer resources that are not accessible to any unspecified applications comprises 
a look-up table. 
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44. (Previously Presented) The workstation of Claim 42, wherein the requested 
computer resource is selected from the group consisting of a memory allocation, a file, and a 
directory. 

45. (Previously Presented) The workstation of Claim 42, wherein the requested 
computer resource is selected from the group consisting of a copy command, a delete 
command, and a compress command. 

46. (Previously Presented) The workstation of Claim 42, wherein the requested 
computer resource comprises an operation that when performed leads to a permanent change 
in the workstation. 

47. (Previously Presented) The workstation of Claim 42, wherein the request 
from the unspecified application comprises a direct request. 

48. (Previously Presented) The workstation of Claim 42, wherein the request 
from the unspecified application comprises an indirect request. 

49. (Previously Presented) The workstation of Claim 42, wherein the list of one 
or more computer resources that are not accessible to any unspecified applications comprises 
a list of one or more computer resources that the unspecified application may use during 
operations performed by the unspecified application. 
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50. (Withdrawn) A workstation for preventing hostile use of computer resources 
by an application running on the workstation, comprising: 

a memory operable to store one or more applications; and 

a processor in communication with the memory and operable to: 

in response to a received request for access, determine if the request has 

exceeded a pre-set threshold identifying a limited number of processes that may be initiated 

by an application; 

allow access to the requested computer resource if the request for access has 
not exceeded the pre-set threshold; and 

prevent access to the requested computer resource if the request for access has 
exceeded the pre-set threshold. 

51. (Withdravm) The workstation of Claim 50, wherein at least one of the one or 
more applications comprise an unspecified application downloaded to the workstation from a 
source external to the workstation, the unspecified appUcation not identifiable in a pre-set list 
of hostile applications. 

52. (Withdrawn) The workstation of Claim 50, wherein the requested computer 
resource is selected from the group consisting of a memory allocation, a file, and a directory. 

53. (Withdrawn) The workstation of Claim 50, wherein the requested computer 
resource is selected from the group consisting of a copy command, a delete command, and a 
compress command. 

54. (Withdrawn) The workstation of Claim 50, wherein the requested computer 
resource comprises an operation that when performed leads to a permanent change in the 
workstation. 

55. (Withdrawn) The workstation of Claim 50, wherein the request from the 
unspecified application comprises a direct request. 
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56. (Withdrawn) The workstation of Claim 50, wherein the request from the 
unspecified application comprises an indirect request. 

57. (Previously presented) Logic for preventing hostile use of computer resources 
by an application running on a workstation, the logic encoded in media and operable when 
executed to: 

maintain, on a workstation, a pre-set list of applications permitted to run on the 
workstation and a list of one or more computer resources on the workstation that are not 
accessible to unspecified applications; 

provide a filter on a workstation for receiving intemal requests for computer resources 
resident on the workstation; 

receive at the filter a request for access generated by an unspecified application 
downloaded to the workstation from a source external to the workstation, the request for 
access identifying a computer resource resident on the workstation to which the unspecified 
application seeks access; 

determine, by the filter on the workstation, that the unspecified application is not 
identifiable in the pre-set list of applications permitted to run on the workstation; 

determine, by the filter on the workstation, whether the requested computer resource 
is on the list of one or more computer resources that are not accessible to unspecified 
applications; 

allow access to the requested computer resource if the requested computer resource is 
not on the list of one or more computer resources that are not accessible to unspecified 
applications; and 

prevent access to the requested computer resource if the requested computer resource 
is on the list of one or more computer resources that are not accessible to unspecified 
applications. 

58. (Previously Presented) The logic of Claim 57, wherein the list of one or more 
computer resources that are not accessible to any unspecified applications comprises a look- 
up table. 
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59. (Previously Presented) The logic of Claim 57, wherein the requested 
computer resource is selected from the group consisting of a memory allocation, a file, and a 
directory. 

60. (Previously Presented) The logic of Claim 57, v^herein the requested 
computer resource is selected from the group consisting of a copy command, a delete 
command, and a compress command. 

61. (Previously Presented) The logic of Claim 57, wherein the requested 
computer resource comprises an operation that when performed leads to a permanent change 
in the workstation. 

62. (Previously Presented) The logic of Claim 57, wherein receiving the request 
comprises receiving a direct request generated by the unspecified application. 

63. (Previously Presented) The logic of Claim 57, wherein receiving the request 
comprises receiving an indirect request generated by the unspecified application. 

64. (Previously Presented) The logic of Claim 57, wherein the list of one or more 
computer resources that are not accessible to any unspecified applications comprises a list of 
one or more computer resources that the unspecified application may use during operations 
performed by the unspecified application. 
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65. (Withdrawn) Logic for preventing hostile use of computer resources by an 
application running on a workstation, the logic encoded in media and operable when executed 
to: 

provide a filter on a workstation for receiving internal requests for computer resources 
resident on the workstation; 

receive at the fiher a request for access from an application resident on the 
workstation, the request for access identifying a computer resource resident on the 
workstation, 

determine if the request for access has exceeded a pre-set threshold identifying a 
limited number of processes that may be initiated by the application; 

allow access to the requested computer resource if the request for access has not 
exceeded the pre-set threshold; and 

prevent access to the requested computer resource if the request for access has 
exceeded the pre-set threshold. 

66. (Withdrawn) The logic of Claim 65, wherein the appUcation from which the 
request for access is received comprises an unspecified application downloaded to the 
workstation from a source external to the workstation, the unspecified application not 
identifiable in a pre-set list of hostile applications. 

67. (Withdravra) The logic of Claim 65, wherein the requested computer resource 
is selected from the group consisting of a memory allocation, a file, and a directory. 

68. (Withdrawn) The logic of Claim 65, wherein the requested computer resource 
is selected from the group consisting of a copy command, a delete command, and a compress 
command. 

69. (Withdrawn) The logic of Claim 65, wherein the requested computer resource 
comprises an operation that when performed leads to a permanent change in the workstation. 
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70. (Withdrawn) The logic of Claim 65, wherein receiving the request comprises 
receiving a direct request generated by the unspecified application. 

71. (Withdrawn) The logic of Claim 65, wherein receiving the request comprises 
receiving an indirect request generated by the unspecified application. 
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